Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extends users/token GET endpoint to support any auth mechanism for retrieving the token #10924

Merged
merged 2 commits into from
Nov 1, 2024

Conversation

GPortas
Copy link
Contributor

@GPortas GPortas commented Oct 14, 2024

What this PR does / why we need it:

Changes users/token GET endpoint to support any auth mechanism for retrieving the token.

Previously, this endpoint only accepted an API token to retrieve its information. Now, it accepts any authentication mechanism and returns the associated API token information.

Which issue(s) this PR closes:

Special notes for your reviewer:

For private URL tokens, the endpoint returns Unauthorized. Before this change, it returned Not Found. I believe this behavior is correct since a private URL user is not considered an authenticated user and therefore cannot obtain an API token, but I think it's necessary to double-check this.

Suggestions on how to test this:

Visual inspection and call the API token endpoint with any available auth mechanism. We can test the endpoint using the session cookie authentication (we should enable the feature flag) by sending the associated cookie, and verify we obtain the API token if created.

curl --cookie "JSESSIONID=<cookie_value>" -X GET http://localhost:8080/api/users/token
Does this PR introduce a user interface change? If mockups are available, please link/include them here:

No

Is there a release notes update needed for this change?:

I am not sure, but I have added them

Additional documentation:

None

@GPortas GPortas changed the title Changes users/token GET endpoint to support any auth mechanism Changes users/token GET endpoint to support any auth mechanism for retrieving the token Oct 14, 2024
@coveralls
Copy link

coveralls commented Oct 14, 2024

Coverage Status

coverage: 20.874% (-0.001%) from 20.875%
when pulling 129c80c on 10910-users-token-api-credentials
into c44ad65 on develop.

This comment has been minimized.

@GPortas GPortas marked this pull request as ready for review October 14, 2024 11:12
@GPortas GPortas added Size: 0.5 A percentage of a sprint. 0.35 hours Original size: 0.5 SPA These changes are required for the Dataverse SPA GREI Re-arch Issues related to the GREI Dataverse rearchitecture SPA.Q4 Not related to any specific Q4 feature labels Oct 14, 2024
@GPortas GPortas changed the title Changes users/token GET endpoint to support any auth mechanism for retrieving the token Extends users/token GET endpoint to support any auth mechanism for retrieving the token Oct 14, 2024
Copy link

📦 Pushed preview images as

ghcr.io/gdcc/dataverse:10910-users-token-api-credentials
ghcr.io/gdcc/configbaker:10910-users-token-api-credentials

🚢 See on GHCR. Use by referencing with full name as printed above, mind the registry name.

@cmbz cmbz added the FY25 Sprint 8 FY25 Sprint 8 (2024-10-09 - 2024-10-23) label Oct 15, 2024
@cmbz cmbz added the FY25 Sprint 9 FY25 Sprint 9 (2024-10-23 - 2024-11-06) label Oct 23, 2024
@sekmiller sekmiller self-assigned this Oct 30, 2024
@sekmiller sekmiller removed their assignment Oct 30, 2024
@ofahimIQSS ofahimIQSS self-assigned this Oct 31, 2024
@ofahimIQSS
Copy link
Contributor

Testing passed - merging PR.
Testing of 10924.docx

@ofahimIQSS ofahimIQSS merged commit 5b92752 into develop Nov 1, 2024
11 checks passed
@ofahimIQSS ofahimIQSS deleted the 10910-users-token-api-credentials branch November 1, 2024 15:41
@ofahimIQSS ofahimIQSS removed their assignment Nov 1, 2024
@pdurbin pdurbin added this to the 6.5 milestone Nov 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
FY25 Sprint 8 FY25 Sprint 8 (2024-10-09 - 2024-10-23) FY25 Sprint 9 FY25 Sprint 9 (2024-10-23 - 2024-11-06) GREI Re-arch Issues related to the GREI Dataverse rearchitecture Original size: 0.5 Size: 0.5 A percentage of a sprint. 0.35 hours SPA.Q4 Not related to any specific Q4 feature SPA These changes are required for the Dataverse SPA
Projects
Status: Done 🧹
Development

Successfully merging this pull request may close these issues.

Extend users/token endpoint for retrieving the token using any available API auth mechanism
6 participants